Skip to main content

tv   National Governors Association  CSPAN  February 23, 2013 9:15pm-12:15am EST

9:15 pm
[captioning performed by national captioning institute] [captions copyright national cable satellite corp. 2013] good morning. i am jack markell, chair of the national governors' association. i am joined by governor fallin. through the nga we identified the priority of the state can find common ground on the issues that unite us. the bipartisan nature of the nga allows us to have very candid conversations with our colleagues from across the country. that is what we will be doing this weekend. while each governor has his or her own agendas, we want to remain sustainable. federal spending cut means states will receive less.
9:16 pm
it can undermine our budget and slow the economic growth in our states. as it stands, state economies are slowly recovering and we are returning to the revenues we collected back in 2008. we believed in flexible federalism. as we continue to work with congress and the administration, governors are committed to a collaboration to maintain and promote a balanced system. we have as congress and the initiation to keep four points in mind. this should produce savings for the federal and state. it cannot be accomplished by shifting costs from the federal government to the states or by imposing unfunded mandates.
9:17 pm
state should be given increased flexibility. congress should not impose efforts as this. many of the decisions that affect our health care are made in the states, especially those about health care delivery systems. as the demand for primary care is straining, we face a rapidly aging population. more than 16 million individuals are projected to gain health insurance coverage by 2016. many are looking for innovative ways to revamp how they deliver health care. the department of health and human services issued a number of states where they could work exactly on that.
9:18 pm
we will be spending time speaking about this and some other flexibilities. our discussions will be about my nga chair initiative. mine is called "building a better bottom line, employing individuals with disabilities." we want to increase the jobs for everybody in our state. we cannot forget the people in our states with disabilities. we need to be the jobs governors for them as well. it is up to us to enable people to engage in productive employment and to participate fully in their communities. that is why i have chosen to
9:19 pm
focus this initiative on ways that states and businesses can increase employment opportunities for individuals with disabilities. it is designed to raise awareness of how talents can contribute to a company's bottom line. it is also defining way state government and businesses can partner to bring opportunities to individuals in the labor market. this is the economic issue. we have invited one of the foremost leaders in our community to weigh in on this very important topic. we will be hearing from the president and ceo of walgreen's. it is an incredible example of how employing those with disabilities makes good sense. he has a very compelling message. in our special session tomorrow, judy woodruff will moderate a discussion among the
9:20 pm
governors about how states can support businesses to include these individuals with disabilities. will also be joined by a panel of experts. we have a lot to accomplish. we are optimistic about our state. we are aware of the leadership roles that are entrusted to us by the citizens of our state. we honor that by moving all of us for words. -- all of us forward. i would like to ask the vice chair of the national governors' association, the governor of oklahoma, to come up and say a few words. we will be happy to take for questions. [applause]
9:21 pm
>> thank you. it is a pleasure to be here today. we appreciate you joining us as we open up our session for the governors' association to get numbers for our nation. i want to thank you for your leadership of the nga and the time commitment you have put in for this bipartisan organization as we work together to address the problems facing our nation to try to find solutions so we can move this forward together. we are going to have some very productive days as we get through our schedule. we have great programs that will be held this weekend. it is a very busy weekend. we have a lot of important things to discuss. i want to talk about programs and issues we will be discussing during this meeting. economic development and our commerce committee have been in discussion about federal tax reform.
9:22 pm
that is an issue on the hearts and minds of each of our governors, getting our economic situation back in order. the current tax structure is up for much debate. our slow economic growth and our concern over the sustainability of our federal debt is a few of the components trading the hardships upon our state and the need for comprehensive tax reform in the congress and within our nation itself. the nga has created a task force to develop consistent principles we believe democrats and republicans can support that will address federal tax reform from our governors to be able to present to congress and to the administration into the president. the task force will address
9:23 pm
long-term standing tax policies and how we can help grow our nation's economy. we also face many challenges presented by the growth of cyber-terrorism and its cyber- attacks upon our nation. the nga has created a resource center for state cyber security to ensure we have adequate cyber security for state owned and a state based infrastructure. governors will discuss the issue during the first one of our series which is on the health of homeland security committee itself. a second half will focus on another issue. this is one we have been very instrumental in addressing, and securing our nationwide public safety network.
9:24 pm
we will hear on the development and imputation and how we can work together to ensure success. tomorrow the work force committee will have a conversation about how states can best develop an innovative human capital strategy for our nation and work force and our jobs and to ensure that every child in our nation has effective teachers and we have great school leaders and that we do everything we can do to meet the work force means across the nation. governors are leading to ensure that all students regardless of race or zip code have the ability to move on. we will speak about some of the big issues, the extensive damage
9:25 pm
many states have received from national disasters brought on by a super storm sandy and the floods that have hit the midwest. we are going to be talking about the resiliency of our flood protection that is viable to the health and safety of our citizens. we will be discussing extreme weather events and how we can improve communication once we do have a natural disaster and the coordination between our different agencies and the army corps of engineers and how important the role they play in
9:26 pm
helping us during recovery of these natural disasters. we will be heading to the white house. we will be considering nga policies and hear from -- let me talk about this. we will have one last session to discuss some other nga policies relating to the health of america and how we improve the outcomes of our nation. we have a great opportunity to hear from dr. oz about taking personal responsibility and about the role of personal responsibility and government responsibility in taking care of our health. there is a lot of things that will be discussed in our various committees. that is a quick snapshot of some of the core issues.
9:27 pm
we will be working on some other issues dealing with our national guard. it is of great concern to our governors. we are the commanders in chief of our national guards. the critical role that the national park place in responding to emergencies in disasters here at home as well as overseas where there is fighting. last year we were able to deal with some important issues that were on the hearts and minds of our governors. the federal budget is helping to protect our national guards so they do not take a disproportionate cut in the funding. the nga has been working to come
9:28 pm
up with some suggestions and has worked to convince congress to help moderate some of the cuts we have been seeing. we have also created another task force on how we deal with substance abuse, in particular subscription drug abuse. it is one of the fastest growing up abuses. drug problems related to prescription drugs. i know we will be talking about that throughout our nation. many states have already tackled this issue.
9:29 pm
a new initiative we have developed within the nga to implement a comprehensive and coordinated strategy to help reduce the use of prescription drugs and the abuse within our nation. we have seven states that have been leading this charge. they will share some lessons that have been learned of their analysis of that issue. gov. markell discuss that governors are advocating for various projects. we discussed that governors are advocating for various projects. we are talking about investment in our infrastructure and projects. reauthorization of the secondary education act, restoring the 15% work-force investment act for our governors to be able to work on statewide programs on job training and doing what we think is in the best interests of our various industries as it relates to the work force. we have been doing a lot of
9:30 pm
work. there is still a lot more work to be done. we look forward to having a productive meeting and having some great speakers so it will be helping lead the discussion. these are the pressing issues facing our nation. we appreciate the governors to have joined us today. thank you for coming. >> will also been joined by the new government of puerto rico. we would be happy to take your questions. >> i was wondering if gov. fallin can discuss the division among the states on medicaid expansion. do think it might lead to people moving states that offering the expansion so they do not have to purchase health insurance?
9:31 pm
>> you are right. there has been a divergence of opinions about how states handle be affordable health care act. we respect to the other governors. we know each state has different budgets and populations and needs. they have different unemployment rate. some have different political circumstances. that is why you see states have about a 50/50 split. each of honor has to do what they believe is in the best interests of their state. we believe the expansion of medicaid would be unaffordable. we think medicaid needs to be
9:32 pm
reformed. we think it is unworkable. i think the test will still come in january to see if the government is ready to implement the federal exchange itself and be able to afford that. there are still some legal challenges with the state of oklahoma on the affordable health care act and the taxability on the states. there are these different scenarios that can play out. we respect the opinions and each state has to do what is in their best interest. >> for a lot of us, this is not a partisan issue at all. this is not a democrat or republican. it is a matter of the math.
9:33 pm
for us to have the opportunity to expand the population to have the government pick up 100% of the cost meant a lot of people who otherwise may not have access to good care will now have that access. in addition, we are getting a higher reimbursement for a portion of the population. some of the important developments are taking place in the state and not necessarily in washington. we have a session later today where we will be learning from each other about some of the efforts under way to improve outcomes and reduce costs. there is much more that is going on.
9:34 pm
i mentioned a couple of states that are focusing exactly on that, payment reform with the intention of reducing costs. there is some very exciting work. we get to learn from each other. i will ask if my colleagues want to add anything to that. >> hello. i cannot say i am delighted to be here. we were doing so well up until this moment, right? what i am delighted about is to be able to see mary again from the congress and to meet with all the governors. i think the emphasis that was just made by both governors emphasized that this is a national governors' conference. there has been some concentration lately on some of the difficulties and the
9:35 pm
congress at this time in terms of coming to a consensus. it is instructive for the nation. that is why we are pleased to hear that it is possible to set aside the democratic an ideological point of view to concentrate on the object, to serve our people. this is what this association does. as one of the recipients of the innovation grants, i believe that whatever difficulties there may be now with respect to programs and approaches in the congress, the various governors are engaged right now in a very intense effort to try to determine how we can get better outcomes and get cost controls into place. this is a great example of
9:36 pm
working together on a solution of a very crucial and central problem. i suspect these grants will go a long way toward helping resolve some of the questions of access and questions regarding how we can maximize the efficiency of that access as the numbers increase under medicaid. >> do not hesitate if there is a question you want to answer. >> it is good to see you again. a question. at previous nga meetings, a number of governor spoke about getting waivers from the department of health in order to cap medicaid and then having a autonomy.
9:37 pm
the governor of vermont talked about what he did and what the results were when he got the waiver. are you seeing a lot of sentiment for getting waivers from secretary sebelius at the department of hhs in experimenting with the individual solutions? >> many states are in a continuous dialogue about how to make sure our systems can best serve the people of our states. every time that we have ever met with the president, one of the things he brings up is he says i hear that you would like flexibility. please identify the kind you see. that is a responsibility we are taking on to make sure that we are putting those ideas forward. they have been working with many of us.
9:38 pm
we have some pretty big waivers that some of us have gotten. there are lots of different ideas among set the stage. we appreciated the effort on both sides to grant the flexibility is we need to provide health care for the people. >> as has been one of our main messages to the president, states are great laboratories for democracy. each state is different. my state has some loss we need to improve. i have been working on an oklahoma plan that best meet our budgetary needs but also will be able to raise the health outcome of our states.
9:39 pm
in my state, we will be looking at south health lifestyle choices, obesity, a tobacco use, prescription drug abuse, mental health issues. i put more money into my health care authority to be able to address the woodworking effect for those who will be eligible for medicaid or have to pay a penalty or fine. i am putting more money into health for those that are uninsured. i am also putting money into mental-health illnesses in various programs that deal with emergency crisis centers and systems of care for our citizens to figure out what are the needs of not only our children but are families themselves and to get them into the right system. one of the thing that dr.
9:40 pm
oz has told me in the past is the majority of the diseases that americans face are diseases related to health choices. lifestyle choices. it is the things we do to ourselves. and how can we work with our state and improve the overall outcomes? we have asked the secretary and the president for the flexibility. we have a great program called "insure oklahoma." they're able to get insurance. we would like to expand upon that. we have a waiver right now. they may discontinue that waiver.
9:41 pm
we are talking to the administration to allow us the flexibility to craft a health care programs in our state was something we can afford to be able to do. they have told us our waiver will expire by the end of this year. what the president has told me personally is that if your waivers meet our goals they will be inclined to improve that. there are governors to have applied for waivers that have been turned it down. what is the goal? mine is to improve access to health care. it is to improve the general
9:42 pm
health of our systems and be able to do it in a way i can afford it. and have health professionals that can meet the needs of our population. >> one last point. on this issue, what we consistently hear from the white house is they are very comfortable with this idea of the state's the laboratories of democracy. there are certain things they want to make sure we are achieving. what are we going to achieve? >> medicaid and the road signs are exempt from sequestration. are you concerned that any negotiation to sidestep sequestration will put those funds back on the table?
9:43 pm
>> gene sperling said with respect to medicaid, many of us made the decision to expand and it was based on the deal on the table at the time. 100% for three years. it is pretty clear that this will not change. >> there is going to be a bipartisan message to the president. >> a couple of months ago a total delegation of three democrats and republicans came to washington. we met with the president and vice president. we met with john boehner and his leadership team. we met with harry reid and his leadership team. our message was we think it is very important that governors have a seat at the table. we are partners. we wanted to make sure there
9:44 pm
were a few principles we could lay out. one is to the extent money is taken off of federal spending but he shifted to state spending, that does not accomplished much for our constituents. my view is that that they understood. they have reached out to us. we are pleased with the outrage. the main bipartisan message to us is that governors should continue to have a seat at the table. we know cuts are coming. we do not want to suffer disproportionately. we want input. >> does sequestration protect the states any more than other alternatives? >> look.
9:45 pm
if you take a look at it and when you say "states," it is important that we can talk about the impact. you're talking about the impact on the people we serve. the state of vehicles on of service. it covers everything from substance abuse treatment to head start to work force training. one of the frustrations for many of us is a number of us are seeing the economy coming back after difficult years. we wake up saying "how can we put more people to work each day?" when we see a potential negative impact, that is a real negative. one of the most frustrating conversations and a governor can have is with an employer in our state to says we have vacancies but we do not have people with the appropriate skills.
9:46 pm
one of the things we do is figure out how come we make sure people are properly trained to get the skills they need. many of the programs i suggested is to put people back to work. >> we understand that the federal government needs to make cuts. we are concerned about our federal debt, our deficit, $16 trillion in debt. it is a huge hit upon our national of economy. i think it is a national security and economic threat if we do not reduce our deficit.
9:47 pm
we understand the government will be making cuts. as you identify federal cuts and savings, allow the states to be able to realize the savings to give us the flexibility to be able to make the cuts where we think it would do less harm to our families and children that we service. do not put it on the backs of state governments. we are still recovering from the national recession. there are still states with high unemployment rates. there are still states with budget shortfalls. some states are doing better. do the least harm to give us the flexibility. do not be passing down maintenance of effort were you say you can have the money only if you do this certain level of service. give us some leeway to let us decide how we can enacted the programs and meet the goals be, whether it is improving jobs for our education outcomes.
9:48 pm
allow us the flexibility. we have some great ideas in our states. >> do you believe the show deficits our national security threat? are steep cut necessary? >> i have not heard a single governor not recognize that the deficits and indebtedness is a serious risk on all those fronts. i also want to commence them for their leadership. it is important to look at how we engage people with disabilities. it has been a remarkable success.
9:49 pm
i think we all recognize we will have to be part of the solution and share the pain. we want to make sure we are working with partners as we figure out what are the priorities we need to maintain and what are the best places to make cuts and closing loopholes and finding other sources of revenue. >> good morning. you will understand very soon that my english is worse than his spanish pronunciation. from our perspective, there are two ways. we suggest the loopholes are built before. what we have to think about is
9:50 pm
firefighters, that our people we seek. we have to grow the economy. we need to create jobs. that is why we are here. puerto rico needs to create more jobs. we have to make our economy grow. it cannot be done only by cutting expenses. >> we have time for one more question. >> there has been discussion about whether the administration is overstating the consequences of sequestration.
9:51 pm
i think you talked a little bit about your perspective. gov fallin, was hoping you could address your sense of whether sequestration meet your goals for sequestration. >> we can do it if states are given flexibility. governors understand the national debt is a huge issue for economics predict economic security. the other nurse have had to deal with budget shortfalls. -- governors have had to deal with budget shortfalls. when i took office we had a $500 million budget shortfall. it was a pretty big budget. in previous years they have to cut spending up to 20%. many of our state agencies, we had $2.30 an hour rainy days savings account.
9:52 pm
we were able to prioritize our spending on a state level, provide for a central government. two years later we have dropped our unemployment rate from 7% down to 5.1%. this has done great. we went from having $2.30 to having over $680 million in savings plus revenue growth of over two wondered $14 million. governors do have some ideas. we do know how to prioritize our spending. we have one of the best job growth rates in the nation. give us the flexibility to do what we know how to do best.
9:53 pm
>> let me make one last comment. what the white house has been doing is really important. people do not understand what it means. or people asks what it means, it makes it more real for people. one of the most important responsibilities is to make sure we are communicating in a very clear way what the impact is of different government policies or programs. i think that is essentially what has been happening here. >> we should go back and remember that sequestration was originally designed by the administration as something so odious that it would force both sides to compromise.
9:54 pm
this is something that nobody wants. it is not a thoughtful compromise. >> the uncertainty is really harming our states and our national economy. i have had several companies tell me they're not going to expand because there's so much uncertainty. it is projected we could lose up to 8000 military jobs in our state. we're talking about families. we're talking about their pocketbooks. it is not good to have been sequestered talk every couple of months and have a crisis by not making decisions. >> the question was whether or not the administration was overstating the issue with
9:55 pm
regard to sequestration. it is important to remember that every governor here is dealing with issues confronting their legislatures. we talk about the states as governor, it is not an abstraction. it has to do with our constituents and their budget decisions. it is literally impossible for us to meet our unnecessary requirements putting our projects together. it we do not have a budget from the united states of america. we have been involved in congressional activity. we do not have a budget right
9:56 pm
now. sequestration is a symptom of what has been taking place in the congress of the united states in terms of this budget confrontation and how we resolve it. the case in point with regard to national security, pearl harbor right now, for what happens when you're not prepared? at pearl harbor right now and a command that has responsibility for the largest military security questions to be addressed for the united states in the world, we will be laying off 19,000 people. we can have an argument about whether or not they should cut wages and keep people working or whether or not congress needs to change the protocol.
9:57 pm
the fact is that will undermine our capacity for readiness at pearl harbor. that is not symbolize that far from overstating it is zeroing in on an example of what happens when we fail to meet our responsibilities. sequestration should be a signal to all of is that we need to do the kinds of things we are trying and succeeding to do. they are concentrating on the object in the goal which should be to serve as our constituents nationwide. >> we appreciate you coming. we have an interesting couple of days ahead of us. thank you for the governors and to all of you.
9:58 pm
>> gracias. [applause] >> good morning. that may be my only chance to use a gavel so i wanted to give it a try. i am jack markell, the governor of delaware.
9:59 pm
[applause] what a great way to get this meeting off to a good start. the chair of the national governors association, i want to welcome you to the 2013 nga winter meeting. may i have a motion for the adoption of rules of procedure? thank you/ all in favor? part of the rules for and a governor who wants to submit a new policy will need a three fourths vote to suspend the rules to do so. please submit by 5:00 p.m. on sunday, february 24. i want to thank governor mary fallin, the vice chair, for her leadership. [applause] i want to take this opportunity
10:00 pm
to welcome our new as governors. there are seven of them. the governor of indiana, the governor of montana, governor bullock, the governor of new hampshire, the new governor of north carolina, the number corey -- governor mcquarrie, bernard -- auburn or garcia. and the new governor of washington state. [applause] congratulations to all of you. we are delighted to have you here. i also want to recognize our guest from the white house with
10:01 pm
whom we work very closely. the office of it turned -- intergovernmental affairs, thank you for being here as well. [applause] we have a significant international presence at the winter meeting this year. i would like to take a moment to recognize our death. we are joined by the new ambassador -- our guests. we are joined by the new ambassador from mexico. [applause] also the executive secretary of the mexico national conference of governors. the president of the chinese people's association for friendship with foreign countries, whom we are working with to plan another us-china governors forum in beijing this spring. [applause] we are also joined by the premier of manitoba and a delegation from the canada-
10:02 pm
united states interparliamentary group and our friends from the brazilian embassy and the taipei economic and cultural economic office. if you are could stand. thank you for being here. [applause] you honor us by being here. i became chair of the national governors association in july. i began my year-long initiative, called a better bottom line. employing people with disability. this initiative focuses on the roles of both state government and businesses can play in advancing employment opportunities for people with disabilities to be gainfully employed in the labor market. as governors, we know how cynical jobs and employment are to our constituents in the economies of our states. when a significant segment of our population is kept from participating in the workforce, talent is being wasted and our
10:03 pm
economic competitiveness suffers. implement outcomes for individuals with disabilities have not improved since 1990. during the recent recession, employment realities for people with disabilities got even worse. workers with disabilities left the workforce at five times the average rate. the medium income for this workers is less than two thirds the median wages for other workers. that is why i chose this initiative, building a better bottom line, employing people with disabilities. we can do better and we must. an estimated 55 million americans, one in five, has a disability. it is the largest minority population in our country. disability crosses every demographic and is the one minority population that anyone of us could fall into on any day. anybody who can work and wants to should have the opportunity to do so. advance the employment
10:04 pm
opportunities for individuals with disabilities is the right thing to do. it is the smart thing for government to do. this is an issue of workforce competitiveness. it is part of preparing for an aging workforce, increasing the number of veterans, returning to work, and meeting the needs of businesses with skilled workers. it makes good business sense. employers care about the skills that an individual brings to the job. it does not matter whether you are born with additional challenges, in the case of our wounded veterans, you acquire them later in life. what matters is a person's ability. that is why we are opening this 2013 winter meeting with a discussion about why employing individuals with disabilities is better for businesses bottom line. we will here in just a couple minutes from the ceo of walgreens about why employing people with disabilities have been good for that fortune 500 company.
10:05 pm
it is our jobs as a leader of our states to make sure that people with disabilities are fully included in our society. that means, part of the competitive workforce. making a difference will not be easy, but it is most definitely work -- improving our constituents quality of life, contributing to workforce competitiveness. it is an incredible win-win-win that cuts across party lines. the initiative is dedicated to making a difference. we launched the initiative last july, since then there has been a groundswell of support. many of you have contacted me to express your support. and the support of your agency status. many of whom have shared the innovative practices underway in your states. we have convened representatives from the advocacy community. he convened experts and business
10:06 pm
executives to inform our work. as the initiative continues for the next six months, we are going to focus on educating both the private and public sector as employers about accommodating people with disabilities in the workforce and the workplace and the benefits of doing so. we will focus on how we support state governments in joining with business partners to develop strategies that promote the hiring and retention of individuals with disability. and we are going to focus on how we establish public-private partnerships that result in increased employment to individuals with disabilities. my goal for this initiative is to provide all governors with examples of best practices and other resources for states to advance these goals and achieve them. this coming may, the nga will hold to regional institutes to provide governors and their advisors an opportunity to learn from each other and visit local companies to see firsthand how
10:07 pm
successful businesses are employing people with disabilities and high skilled competitive and integrated settings. the procession will be in pittsburgh, and governor corbett will be our host. the second session will be in seattle, with governor in sleep as our host. i encourage all of you to attend and said -- send teams from your state to work in these issues every day. finally, i want to take a moment to thank several organizations that have made important contributions to this initiative. intel, bank of america, bloomberg philanthropies, and walgreens. the cross-section of rabbit sector support underscores the widespread enthusiasm that i have seen since we began. moving the needle on this issue, which is our objective, is going to require shared
10:08 pm
responsibility. already, support has been demonstrated across elliptical lines -- political lines. before i introduce our speaker, i did want to mention, each of you should have gotten a bad -- bag, a very attractive bag, building a better bottom line, made by people with disabilities from bank of america at a facility in delaware. the bag is filled with cookies, popcorn, dog biscuits, coffee, notecards, and a number of other things made by people with disabilities from around the country. we are very grateful to many of you, spouses and many folks who work on your staff for sending these items to us. we wanted to spotlight many of the things that people across the country with disabilities are already doing. i am making special note of this.
10:09 pm
they could have taken the bag to their room to eat the cookies. if you have not seen it, please ask them. we have a few more cookies available. it was intended for all of you. it is now my leisure to introduce the ceo of walgreens. he has worked there since 1988, started as an -- a pharmacy intern. he is now president and ceo. he served on the board of directors since 2009. walgreens has demonstrated an incredible -- they have been an incredible leader, role model, in terms of outstanding hiring and support for people with his abilities. it started as a pilot program in one distribution center, their inclusion practices have not resulted in great increases in productivity and improvements in company culture. it practices have now been
10:10 pm
expanded to other distribution centers. i met greg a few months ago when i was invited by senator tom harkin and congressman pete sessions to a meeting they were hosting for business leaders up at a walgreens distribution center near hartford, connecticut. mr. watson was sharing at that meeting with other business leaders his view that hiring people with disabilities is not about charity, it is about what is doing what is best for the business. that is the message he brings to us today. we are very fortunate to have him, with that i ask you to join me in welcoming greg watson. [applause] >> thank you governor markel for that kind introduction. it is a pleasure to be here. i must say, getting up at 4:30
10:11 pm
to get a 6:00 a.m. flight, -- it is good to be here. i did get the opportunity to go down and see our new store opening at seven and -- in chinatown. i was talking to our construction folks and wanted to make sure that we had a pharmacy signage in the building in mandarin. the construction guy said, we did but we had to send the first sign back because when we translated it, it said funeral parlor. we do try to fit to the local community. i invite all of you, if you get an opportunity, to go down there. i will start by uploading all of you hurry and certainly the national governors association on your initiative to improve employment opportunities to folks living with disabilities. i think you're better bottom line initiative is spot on. anyone that knows me will not
10:12 pm
be surprised, i put my remarks into three buckets for this morning. i will give you a brief update on walgreens, i promise not to turn into a commercial. second, i will review our experience in employing folks with disabilities. third, i will discuss ways that i think we can work together with the nga's at your bottom line initiative. let me start with my first bucket, first by thanking all of you and your states for working with us over the last several years. today as our healthcare system strives to explain and care, we believe walgreens is in a position to help. if you have been in some of our newly renovated stores, i'll believe see that we are not the old drugstore anymore. we are trying to be and becoming a leading healthcare provider to communities in your states across the country. we have more than a dozen stores -- 8000 stores.
10:13 pm
we have 70,000 healthcare service providers that we believe are on the frontline of healthcare. that includes more than 26,000 pharmacists whose time we are freeing up to allow them to spend more time providing services. we know that if people take their medications properly, we can avoid billions of dollars in medical related costs. we have also certified all of our pharmacist to be able to provide immunizations and vaccinations. we are now the second largest provider of immunizations to the us government. we handle over 350 nine scrapped it and there is -- nurse tactician there's -- nurse prac tioners. we have over 400 health and
10:14 pm
fitness centers on the campuses of large employers where we help them lower our healthcare costs and bend the curve. 200 medical campus pharmacies and health systems across the country. working with many of them to help reduce readmission, which is obviously a costly impact to employers and government entities such as yourself. finally, we are the nations largest provider of the fastest- growing sector of pharmacy. our goal is to advance the role community pharmacy can play in healthcare and bring additional solutions to haters across the country. ayersully i did not -- [p across the country. hopefully i did not turn that into a commercial.
10:15 pm
my second bucket, while he made the commitment to employing people with disabilities. how we are doing that and the results we are seeing so far. one thing we do believe is that you can do good while doing good business. this is a great example. giving folks with disabilities a chance to work at doing just that. we recognize that people with disabilities are a vastly underutilized workforce. these are folks who want to work, they can become qualified to work in a variety of positions with simple training, and they have a deep down commitment to do the best job they can. a company of our size was 250,000 employees in locations in just about every community, we cannot afford to overlook or underestimate any talent. i don't think any company can today. that is the why behind our
10:16 pm
commitment. now i will walk you through the how. our efforts began over 10 years ago come when our senior vice president of supply chain, randy lewis, who just retired and is with us today somewhere, his son austin is autistic. randy had a lifelong dream of creating a work environment that would allow us to employee folks with his abilities. he convinced us that it was the right thing to do. as the governor said, we decided we would start with the opening of our next distribution center which was in anderson, south carolina at the time in 2007. here is how we did it. we worked with the local agencies to train and attract people with disabilities for employment at the facility. we made sure we had the appropriate training for our managers. we committed to ensuring an
10:17 pm
exclusive workplace for people with and without disabilities, working side-by-side. that was critical. i want to be clear, this was not charity, this was business. jobs and expectations were the same for folks whether they had a disability or not. all employees were held to the same work standards and for the same pay. we also set out to create a sustainable model that we could implement at our other existing distribution centers and roll out with our next generation of centers as we open them. that said, we opened our first center in anderson in 2007, two years later, with the learnings from there, we opened our center in windsor, connecticut. today, 43% of the employees at anderson and 50% at windsor have a cognitive or physical disability. excuse me.
10:18 pm
i can tell you, these folks have proven themselves. i have a quick video, if we could play right now, that could tell the story better than me standing up here. >> ♪ this is not about charity. we did not lower any of our performance standards. every team member is expected to perform at the same high level. same pay, same performance, side-by-side. >> i need to learn from this person. i need to take things from them. i may be the manager, but, you know, i am learning here from my team members. >> he talks in a more positive way. >> every parent of a child with a special need, their hope is to outlive their child by one
10:19 pm
day. i do not have that fear anymore. i do not feel like i have to outlive him by one day anymore. >> mom and dad, i want to work at walgreens. this is what i wanted. that is where my heart was. since i come over here, i have fell in love with this place. i would not trade this place for nothing. >> the surprising thing is, you start out wanting to change the workplace. what we found out was, we were the ones who were changed. >> this chance is important for a lot of people. special need, they come out, strive, be their own person and not feel like they are held down by anything. >> my first check, i took it home, my mother looked at it -- she started crying. why do you think she did that? i don't know. but you know.
10:20 pm
>> as the governor said, last summer we hosted our first ceo summit on employing people with disabilities at our windsor, connecticut center. during that summer, we gave all the attendees a tour and first- hand look at what we do. we also shared some of our results which i will share with you now. we gathered 400,000 hours of data across distribution centers and 31 job functions. this eta has been studied -- data has been studied and peer- reviewed. without a doubt, people with his abilities can perform. here is what we have seen, 20% fewer accidents in the distribution centers. 70% less workers comp off. -- comp costs. lower absenteeism, and twice a retention. that is a positive impact on
10:21 pm
our overall workplace culture. like randy said, we started out to change the workplace and along the way we we discover that we were the ones who were changed. as a result, the managers who have worked at anderson give it our highest rating. those are the folks that have gone from one distribution to the other. team members working there, with or without disabilities, turn in the highest performance in our supply chain. here is a very important point. we learned that a commitment to employing people with disabilities did not require automation. that meant we could do it everywhere. we could spread it. on average, over the last two years, one out of three new hires in our 20 distribution centers across the country has been a person with a disability. he employ more than 1000 people with disabilities in our distribution centers.
10:22 pm
that is about 10% of our total supply chain workforce. they earn the same competition of their typically abled colleagues. next up, we have been been piloting the program around employing people with disabilities at our retail locations, which we call ready -- the retail employees with disabilities initiative. imagine the impact we can have with our 8000 stores in all 50 states and puerto rico. he started with a pilot in texas two years ago. we have expanded to more than 150 stores throughout texas, new york, delaware, and connecticut. we recently announced an expansion to the program across the state of wisconsin. i want to thank the governor for his commendation for the program. altogether, or than 200 folks across the country have completed their four weeks of their training service course using training developed with local community agencies.
10:23 pm
many of them in your states. about 60% of the folks we have trained have been recommended for higher. -- hire. these folks are busting a myth that should have been busted a long time ago. that people with disabilities can perform well in these kinds of public facing, fast-paced, multitasking jobs. our new store clerks are proving that with training, people with all sorts of disabilities can do quite well in a retail environment. that is encouraging. we did not or could not do this alone. we collaborated with state and local agencies along the way and providers that serve people with disabilities. we worked with them to help us find qualified employees and developed the job training programs for them. my third and final bucket -- working together with states and agencies. there are three ways that i hope we can work together to help you with your bottom line
10:24 pm
initiative. by week, i am not just suggesting walgreens, all companies moving in this direction. first, share our experience, including the ideas and suggestions that came out of our ceo summit last summer. we can show the pitfalls and specs -- best practices. we can raise the visibility around the effort and raise awareness of the bottom-line business. that is critical. the second way is more tangible. we can help your state agencies and their contractors work with each other and the public sector or private sector. we can identify barriers and help untangle some red tape. we can develop active partnerships with companies, creating a custom tailored solution for each location. this cannot be a cookie-cutter approach, each company is different. we can help agencies identify ways to be as creative and flexible as possible without
10:25 pm
breaking the rules and applying regulations. finally, i think we can support and encourage our schools. -- to play a significant role in this effort which will make a big difference as they help develop our youngsters and their work capabilities. the third way we can work together is the simplest of all. that is just opening doors and eyes to what works. in that light, i invite all of you to come and visit our distribution centers. ring representatives from companies in your states if you would like. certainly we have team members and managers that will help you and help them see the best practices and hear the best practices that we have. the important thing is, if you have companies come visit, don't just bring leadership, but bring operators, because they usually ask the right questions and the toughest questions. i had an old box that told me years ago, the best form of
10:26 pm
management is show intel versus just telling. seeing is believing. if you want to see for yourself. the reality is a true public- private partnership is a win- win-win. people with disabilities who want to work, get a chance to work, they get a chance to earn a living and contribute to the economy. they gain independence and become less in need of other assistance programs. companies like ourselves get a whole new pool of productive, enthusiastic people. first aid, it can positively effect your economy. we are told that employing people with disabilities at our anderson center actually saved south carolina $1 million in medicaid services in two years.
10:27 pm
so, i am just about out of time. i probably violated the number one rule in business, which is, do not share your trade secrets with other companies. this certainly isn't something we think we should keep to ourselves. with all the good that we can all do for these folks, our companies and the economy, that is a risk that i am looking forward to taking. if it helps your states and companies benefit, so be it. maia angelou said, the greatest danger for most of us lies and not adding our into high and falling short, but in setting our aim too low and achieving the mark. i can think of no better way for a company to do good while doing good business than employing folks with disabilities. thank you for the opportunity. hopefully it has been beneficial. [applause] >> we will open it up. greg is happy to take some
10:28 pm
questions. lee's let's get started. started. , let's get >> i want to thank you, jack, for having decided that this was your personal project for your year at the helm here. it is a great project. it will have long-lasting impact. every person with disabilities who has previously not been employed into we can have employed as a result of the leadership being demonstrated by walgreens and your leadership as well stands as a testament to our humanity and our willingness to save ourselves some money at the same time. i have to say, i visited the center and took the tour with randy, a great tour guide. very proud of what you all have accomplished. if i remember correctly, your original goal was to have 25% of your employees with
10:29 pm
disabilities. you have blown through that with 50%. i hope one day you get to 80%. i will also tell my fellow governors, since i first went to the walgreens site in windsor, we reached an agreement with three additional companies to the large customer fulfillment centers, one of which is an online marketer of products who were not too happy with us when we decided that they should be subject to our sales tax, and now we have reached an agreement with them to collect that sales tax and build a customer fulfillment center. every time we are having a discussion about such a center, we are taking people to walgreens to see what is going on areas i urge you all to come, kathy and i would be happy to
10:30 pm
put you up at the house for a night if you agree to go see walgreens in windsor. it is about 20 minutes from the house. i do want to make one point. there is a synonymy of folks with disabilities who were once thought to be unemployable who are really employable. this issue with autism and the spectrum means that we are all going to have a bigger problem to deal with in very short order. if you look at the impact of the two wars we have fought, particularly the fight for some number of months in one case, we have also produced a lot of people with disabilities. there is nothing better we could do to honor the service of the men and women who have become injured and can't come home with disabilities and to find him a job. there is nothing more cost- effective than to do that and
10:31 pm
make sure our children with autism and other disabilities have a job. the number on the medicaid side is extremely important, but it is about all of the other wraparound services that we are otherwise providing, which walgreens has stepped in and provided through a salary. we need to do all that we can to bring this about. final point, they are great partners. we work with them, our commissioners work with them, we put all of our social service commissioners, instead of having them work in a silo, we talk about walgreens on what we are trying to get other companies to do on a regular basis. they did not ask for much. one change we had to make in the state of connecticut is, we put a bus stop at their front door. that's it. we put a bus stop at their front door. instead of having people on
10:32 pm
load themselves or load themselves 250 yards away, we simply agreed to bring the best in, have it stop at the front door, discharge the people and have them leave. this is doable. everywhere. what i want to know is when you are going to build another one in connecticut. [laughter] >> thank you for the kind remarks. you are right. our goal was one to five percent. we far exceeded that. that is the key, set a high bar. it challenges and forces everyone to go out and do things that we didn't think were possible. thank you very much. >> thank you for being with us. one thing really intrigued me. you talked about the early stages, how you set this in motion and how it emanated from one of your executive officers. could you speak more fully to how you set that vision internally, what kind of by him
10:33 pm
you got -- buy in you got, from the internal perspective? >> first and foremost, you need a champion. with any big company initiative, you need a champion. a lot of that credit goes to the guy behind me, randy. in many cases, you need to happen in operations. you need a line to drive it within a facility, tremendous support from central hr. it is best done in line operations. it was very easy to get a groundswell of momentum and support, because people knew it was the right thing to do. it was really more of the house. once we figured out the how, it just took off on a life of its
10:34 pm
own. one of the things we are finding, a lot of the barriers i am talking about, we learned that we can remove, some of the standard processes, for example, an online job application, we did not realize at the time that in many cases, we were blocking someone with a disability that may not be able to navigate that who could be a very good employee. they did not get the opportunity. umber one, you have to have a champion, empower them, then stick it in operations. let it gain the momentum that it did. >> good morning. i also want to thank governor markel for bringing this important issue on the agenda. pregnant, for your leadership and your business. i have a question -- greg, for your leadership and your
10:35 pm
business. people think that people with disabilities need medical care. i used to practice emergency medicine. increasingly we saw people in the er who did not have emerge in problems that needed some care that fit their work schedule. opening healthcare facilities in places like walgreens makes eminent sense. the question i have, you move more into chronic care management, b this is a question for your hr people. how do you do a continuity of care, given the fact that many cases you have a person with chronic conditions seeing five different physicians who do not know what they are doing? how do you deal with that? are you doing anything with electronic medical records question mark >> that is exactly it. we need connectivity. our healthcare system does not need further fragmentation.
10:36 pm
certainly, as we begin to expand our scope of services and allow our pharmacist to practice at the top of their profession, nurse practitioners who can practice at the top, those two healthcare professionals can provide a lot of the care in the country. we do not want to fragment. we are investing in electronic medical records. we want to be the primary care physicians partner, not a separate solution. we think that access to affordable, high-quality care is absolutely something that we can help the nation with. healthcare it is a big part of that. we have to connect with physicians. >> hello how -- aloha. thing to very much. it is not clear to me when you're speaking about disabilities in general, can you give me some example of the
10:37 pm
spectrum of disabilities you are speaking about? i am thinking myself, as an adult, i acquired a seizure syndrome. at the -- epilepsy is a generic term. very little is known about it. it scares people. many people who have to contend with epilepsy in its arc of constant seizures to occasional, find themselves in a situation where they can be employed. people are afraid to employ them. will they be able to deal with it? you mentioned autism, but the entire spectrum of what constitutes disability, some has to do with limbs, some has to do with conditions that may be sporadic in nature. i am interested, what is the spectrum of disability? how is the world -- were
10:38 pm
disability defined for un walgreens question mark second, how do you coordinate with those agencies that deal with helping people to be able to contend with a life? i am a member of the federation of the blind, dealing with deaf children, those kinds of things. do you have an ongoing relationship or contract with agencies from goodwill to the national federation of the blind to excellency -- epilepsy society's question mark that may exist principally of parents and researchers and people affected by, as opposed to something more broad-based. >> good question. the first question, without being too high level, folks with all cognitive and physical disabilities we think are a
10:39 pm
candidate. that does not mean that we can employ every individual, but what we are finding is, we can employ many more across the spectrum than we realized. for example, we used to have a policy, in a distribution center, you need safety with the lift trucks and so forth. somebody that may be missing a limb, you would not have thought that maybe they were a candidate. we realize, with the proper training, accidents have gone down across the spectrum. i would not recommend eliminating across any disability. it is really the training and opportunity and figuring out how you can put them to work. as far as the agencies, that is probably the biggest opportunity that we have together. there are some great agencies out there trying to do some great things. some of the things that we see would be to your point many times. we are working with several agencies. that focus on maybe one
10:40 pm
situation, whereas it would be kind of good to collaborate and work together. the number one thing we need as we move forward, we have to find good partners. ending time with the states and agencies agencies who can really be good partners, it is really about the sourcing. we can create the training internally, ourselves. it is really working and finding partners who can help us source and then bring people in. hope that helps. >> can i just add something? it is a in porton -- it is important, we are not asking these companies to provide social services. beyond the job. the rule is, the person has to be able to get to the job themselves. you do not transfer the person. this is about convincing people
10:41 pm
to open their doors, make positions available, and then the state and societies and interests need to continue to do their part on behalf of these individuals in making sure they get the services outside of employment that they need. we can't have employers think that we are asking them to provide a full body of services, otherwise the whole system breaks down. >> before i go to governor, i think the question he is asking , is at the core of what we're trying to get at. we do have a session tomorrow were a number of governors, we invite all of you, but a number of governors will be talking about specific things they are doing in their states on that point. we will also have a panel of experts -- one example, one thing we heard as we have been engaging with folks from around the country, one thing to many of our agencies do is take a list of names to an employer and say, can you please find
10:42 pm
employment opportunities for these people? as opposed to first going to the employer and saying, can you please identify for me the skills that you are looking for. and then i can go back and check, these are the people i have, they may have any range of disabilities. the focus is on the ability rather than the ability -- his ability. for the purse part of your question, we have been consulting with people of every possible disability. it has been an incredible educational process. hopefully governor do guard can tell his own stories, he has amazing insights as well. >> everyone represented here is involved in public policy and significant employers. as you look at this from the business side, towards the government side, what kind of initial adapters and tasks and opportunities are there? there are millions of people represented as employees here.
10:43 pm
we have a shared responsibility similar to that. you have your share holders and whatnot. what advice do you have to us in the public sector of types of tasks or responsibilities that might be quick adapters so that we could be partners in breaking down barriers, but also partners in the actual accomplishments of employment of folks with disabilities. >> the number one thing, with employers, is to invite the agencies in to come in and identify, so that we can help them with the services we are looking for. in the retail setting, we are finding that we can employ folks all the way from front cashier and so forth. there is not a limit. as far as the state, if you're asking me how you can employ
10:44 pm
folks of cognitive disabilities, i would not limit myself. it may, they don't have the answer. not limit yourself. we have opportunities to employ folks we never would have dreamed of before. it has to be good business. to make this sustainable, it has to be making sense for the business. we constantly say, it is not charity. we want something that is sustainable. just a limit yourself, begin to identify tasks, believe that you have opportunities for, then figure out and bring the agencies and -- in, and let them go back out and source it for you. >> your question is also part of the initiative focused on the public sector.
10:45 pm
>> thank you governor markel for your leadership on this issue. it certainly brought light to a lot of issues that we might not have considered is governors. i was intrigued by your comment that you saw a 70% job in your workers compensation costs areas normally you might think that if somebody has a disability, there may be a safety cost to that. you are seeing less cost, that is a big issue for businesses across the nations. can you talk a little bit about that? >> it is across the entire enterprise, not just folks a disability, but our typically abled folks. i think what happens is, as you begin to really look at how you can best employ and make sure that all hires are productive, you gain productivity and safety across the entire enterprise. that you may be able to transfer
10:46 pm
the learnings from what you have done to make sure you can allow someone to do a specific task. that is what we talk about, the fact that it is not just an opportunity to employ someone in an agency. they may come in and say, how can you use our folks? it is identifying needs and then focusing on how it cannot your business. -- can help your business. question for you. do you come across employers who are worried that, if i open up the door to applicants with disabilities and don't hire them, then now i am worried about discrimination lawsuits, i would rather just not get into it. i do not want to learn about
10:47 pm
those lawsuits. do you see that at all? >> we have not. we are working with a lot of different employers who we have brought in and let them see what we are doing. what of the code push it through to, -- one of the common questions we get, if they are not performing, what do we do? you treat someone with a disability the same way you deal and treat a typically abled person. you have to be completely fair and consistent across the board. we have not experienced that. then't know if any of governors have. we have not. >> anybody else? let's hear it for greg. [applause] >> we will have more from the
10:48 pm
national governors association tomorrow, starting live at 9:30 a.m. eastern. that is when business leaders discuss them in her markel's initiative on employing people with disabilities. then 2:30 p.m., a forum on education. that is tomorrow on c-span. [captioning performed bynational captioning institute] [captions copyright nationalcable satellite corp. 2013] >> i think it is pretty accurate that they do not play by the rules in those cases. i think they bend the rules to fit their consents -- circumstance. i think americans tend to be more legalistic, we want things
10:49 pm
on a contract. once we see things on a contract, we think, that is the be-all end-all. the chinese agree to any agreement, but when the ink is dry, they try to figure out a way to get around it. >> words that come from? >> it is a relentless drive to try to get ahead. it is what built the place over the last 30 years. a relentless drive to get ahead, to get better, to improve. stacy some of the strictures we put on them, they see that from their perspective as we are trying to hold china down. we operate in a world without rules for years to build our economy up. that we got to the top,, we are trying to hamstring them with rules and regulations. >> former "washington post" columnist keith richburg reporting on insights from around the world.
10:50 pm
>> this session of the national governors association intermediate -- winter meeting. among the speakers, richard park, michigan's chief security officer and the chief information security officer for the shoe company zappo's. it's is about 90 minutes. >> good afternoon. i am governor brian sandoval from the state of nevada. the meeting of the national governors association on homeland security is called to order. thank you for joining us. the briefing books for this meeting were sent to governors in advance and include the agenda, speaker biographies, and background information. the proceedings of this committee meeting are open to the press and all meeting attendees.
10:51 pm
as a consideration, if you would take a to ensure that your cell phones are silenced. i would also like to consummate governor o'malley -- complement governor o'malley. before moving to the main portion of our session, or taking our nation, state cybersecurity, we will begin with an executive briefing on the broadband network. last year, congress passed legislation or public safety and provided $7 billion for the nations first broadband network for public safety. this is intended to modernize communications by giving first responders reliable access to broadband technologies like video and e-mail. this also established the first responder network authority to oversee the construction and maintenance of the nationwide network.
10:52 pm
as they continue to develop and construct a nationwide network, the governors will be required to make the decision of whether to move forward or to offset out and construction there own network that meet the requirements for an interoperability. mr. ginn has worked here for more than four decades. beginning in 1960 as an engineer with at&t. he went on to serve as chairman from 1988 to 1984. he is currently a senior adviser at green hill and has served on several boards.
10:53 pm
he will be providing an overview of the conceptual design. we will also discuss how they intend to engage was state to ensure the nationwide network is a success. he's also joined here today by several other members in our audience. fire chief jeff johnson. new york city deputy chuck spoke to the governors about the importance of this meeting.
10:54 pm
mr. ginn, we are pleased to have be here to discuss plans for the network and how states can work together to ensure the success. good afternoon. >> thank you. it is a real pleasure to be here. i would like to think nga, heather, and her staff and all of the governors to worse on the -- who worked on the passing of this legislation. it actually allocated $7 billion so that we can engineer a nationwide network that is interoperable, secure, reliable, and most of all, local control. if you think conceptually about what we're trying to do here, we are trying to put wifi across your entire state and then you
10:55 pm
can plug in the capabilities you want and the degree to which you want them and the amount you want them to run your state. it is important to say this. the first question we typically get is this is going to be a nationwide network and we will lose local control and we will not be able to run our own operations. that is that conceptually what we are talking about here. we are detecting a national network. that is the only way you can get interoperability not only from police to fire to emergency to medical but across state lines. if you send a crew from my home state of alabama to colorado to fight a forest fire, you want the instrument they take with them.
10:56 pm
the communication systems to be able to work when they get to the colorado fire. this takes on a new term here. to do this we are going to need your help and your cooperation. we have a significant outreach program that we're putting in place that asks you to appoint a state coordinator. we are going to come out and make a number of visits to your state. it is very important that we understand the facilities that you have and the requirement that you want so we can take those back and feed them into a national architecture. when you think about it, this is the largest telecommunications projects in the history of the united states. it is going to cover every square meter of land in the
10:57 pm
united states. it is going to be able to penetrate the basement of manhattan and cover the forest fires in sierra nevada. we have an enormous challenge before us here to construct this network. you have to be a part of it. you have to make sure that we understand what your boots are and we can construct the system to meet your needs. i need to say a word about the board. i could say it is a wonderful combination of people from public safety and private equity.
10:58 pm
on the technical side, you can have confidence in our technical capability. we have people that have built a wireless systems all across the united states. they have built systems in spain, italy, japan, korea, and india. and probably a few that i have forgotten. i want you to have confidence that we have the technical expertise to deliver this system to you. what you need to do for us is make sure we understand your needs. another point i would like to make is one that may be not so obvious. this system is transformational.
10:59 pm
you have been pushing for voice transformations. what we are going to do is put a massive data capability right at the public service working level. what that will do is allow you to develop services that will lower the cost and answer your customers better. let me give you a simple example of a situation in california that happened a few months ago. it was a fire chief in a restaurant. a person had a heart attack and died in the same restaurant. had he known about it he felt he may be could have saved a life. he went back to his cpr classes and as civilian volunteers if they would volunteer to let a
11:00 pm
dispatcher know of the location so that when another call comes in the dispatcher can look up and call the closest person to the heart attack victim and essentially have a better chance of saving their lives. and have a better chance of saving their lives. that is a simple application. my prediction to you is that a decade from now he will have thousands of those applications embedded in your public safety experience. it will transform how you serve your citizens, across structure and service capability. i am going to encourage all of you to work with us, be our partner, and help us define the requirements of the system.
11:01 pm
we know how to architect it, build it. thank you, governor, for this opportunity. >> do we have any questions? this was a big win for this organization. this was an instance where democratic and republican governors came together with our organizations, law enforcement and first responders, to make sure that this was reserved for first responders so we could finally build out an interoperable communications network throughout our country. you have a question? >> thank you for today and for the panel you have convened. elinor o'malley, governor -- governor o'malley,
11:02 pm
governor sandoval, as that money been appropriated? the $7 billion cover the cost? it seems light, which is difficult to staay. can you give us where we are in the time frames, and in terms of input, is governor o'malley or governor sandoval actually on the committee? that would be a key component, to have a sitting governor on the committee. >> we are going fast heather hogsett. le>> in response to the funding question about where the $7 billion is coming from, the legislation that reallocated the d block did so through special auction proceeds, so it is not a new fund. it is going to be auctions that
11:03 pm
will be conducted by the federal communications commission. those auctions have the dedicated to help fund the network. there may be additional funds come up with the $7 billion have been earmarked under the first network authority. >> we also directed the treasury to loan us $2 billion to get it started. >> what we are selling is part of that d block or is it a different spectrum that is now commercially available? where are we taking from. >> it is a totally different section of the spectrum that has not impact to state or local government. it is going to be auctioned for commercial purposes. >> will governor o'malley -- and i don't mean to volunteer you,
11:04 pm
although it is not a bad idea. in terms of representation, i appreciate the outreach you are asking for. i think that is the request of us today, how we stay involved. in terms of governors being day- to-day today, heather, how is that going to work? >> the board appointments are made by the department of commerce. the next time there will will be a couple of openings. the appointments are one, two, or three years. that is dependent upon the department of commercce. what we have done is at the cape with the board, and they have been happy to work with us. we are on the executive committee for the he public safety advisory committee that will advise the board. in g a holds one of the vice -- nga holds one of the vice chair seats.
11:05 pm
and a subcommittee has been put together to address state and local concerns here it . >> i think it would be good to have a governor on the board. what is happening in the next year? is it a three-year plan? i know some of this you are still working on, but give me a sense of where this is going and time for the stakes to submit grant requests. are they paid up front or is it half now and half later? >> the grant requests are handled by ntia. that has been announced. you will be getting funds to organize within your state to communicate with first met. -- with firstnet. this has been an interesting experience. i have a commercial guy. i am not accustomed to working in the government world. it has been an interesting experience. we started out with a board of directors, but no employees.
11:06 pm
no culture and no strategic plan and no measurement systems, nothing. we have been in existence for about four or five months and we are beginning to put those structures in place. we are coming along nicely. we have the technical expertise to get this done. the other thing i ought to mention is, conceptually, we are a company with a board of directors owned by the government, but with some independence to build the system. i think that is important. i think you are right that the board of directors of firstnet are in a position to greatly influence the project itself. we are developing requirements. we have architected at the top
11:07 pm
level the system. we know what it is going to look like. now we need to build in the pieces of the system. i would say we will be able to do that in the first year. >> thank you, mr. chairman. i think there is a lot to this. i think heather will have to continue to see how the governors can be actively involved, because the expense looks extraordinary to me. just in wyoming, which is the most world -- one of the most -- we are talking about a tremendous expense. we are talking about opt in or opt out -- when governor o'malley and i worked on the d block together, i think the content is important, but the details on how we go forward are going to be doubly important. >> i think i heard you say that
11:08 pm
are ejected his -- that our objective is to cover every square inch of land in the united states. we are taking on the responsibility to cover every square meter. >> if you can do that in wyoming, you are making tracks that have not been made before. it is going to be a challenge. >> we may do that to some extent satellite, but we will do that. >> governor, thank you, and thank you for your leadership on this issue and in the past on the homeland security tax force that this committee has morphed into. any other questions -- very quickly? >> with the states have control over the local capacities? >> that is in the criteria. but good. -- >> good.
11:09 pm
>> another question, in terms of vices, will it ber less than other boraroadband ser vices? >> there is no reason why it shouldn't be. if you buy locally now, you probably pay five times what we would play fay. i think we will have nailed -- failed if we do not build this neck cheaper than you -- this network cheaper than you could build it. >> there will be the expensive that states that local governments have to come up the dollars for an order to build out their own interoperable communications with their first responders thomas so i hope there is some accommodation. if we are going to control this m, i hope youru,
11:10 pm
also give us the capacity to work out leases to give us the ability to preempt but also allow us to raise dollars of the local level so we can buy investment -- >> the question is could the individual states do that better, in negotiating with at&t or sprint or verizon, or could we cut a better deal nationwide? whichever way it goes, you want to plow those savings back into the pricing structure. >> which then goes back to governor mead bu's point that e should have a governor on the panel. >> i want to talk to heather -- i just talked to heather and she told me the appreciation
11:11 pm
[indiscernible]on behalf of my colleagues, territories -- >> territories are included. >> and order rico. -- and puerto rico. [laughter]>> once we are all connected and have that internet and broadband going, we will get through those annoyances. anything else on this? mr. gynt, thank you for your comment and your good work -- mr. ginn, thank you for your comment and your good work. heather, we should set off another letter because this will be imported in maximizing the value of this and whether that will be something that is intercepted by the federal government or if we actually had it so we can achieve interoperability among our first responders who need to respond to 911's.
11:12 pm
let's move into the next topic, which is going to be the balance of this meeting. we are also joined by governor brewer from arizona. thank you for her work on this issue. governor fallon from oklahoma. governor abercrombie from hawaii. governor malloy from connecticut. we have a number of distinguished disasters here who are going to be talking to us about the cybersecurity imperative that we face as a nation and a state. last month, janet napolitano warned that a cyber 9/11 could happen at any moment with the potential to cripple our nation 's electrical grids and our information networks. over the last several years there had been a tax on cyber networks that have increased in their frequency and in their sophistication and now have the potential to inflict even more
11:13 pm
serious damage on our critical infrastructure, such as our water treatment facilities, electrical grid, financial networks, transportation systems, and so on. cyber attacks have emerged as one of the nation's greatest threats and require all governments to work together. in our state governments, all of us are trustees of sensitive personal information, at our nba's, our health departments -- our mba's, our health departments, supporting emergency response, private sector partners, and all of these things require a new level of vigilance in this error where people all the way on the other side of the globe can potentially enter our networks, and them, skillteal secrets
11:14 pm
come at us and vulnerable times that we may into city in the future. i also want to make this other announcement. there is no one-size-fits-all solution. governor rick snyder and i recently announced the creation of the resource center for state cybersecurity. we want to thank our corporate sponsor, citi, hewlett-packard, ibm, whose partnership helped make the resource center a reality. working with state and local governments, outlook safety entities, and the private sector, it is the hope this new resource center will closely examine the role states can and should be playing to ensure that the security -- to ensure the security of state networks to secure the infrastructure. it is our hope that the resource center will log and a five --
11:15 pm
will identify best practices. that is like accomplishing the r&d for those of us in state government. we have one other announcement. tomorrow we will also, all governors are invented to a governor only top-secret briefing provided by the department of homeland security. that will be from four clock to 5:00 p.m. this will focus on how those threats they've affect our states. i want to encourage all governors to participate. i know that it happens at a time between our last meeting and when we are supposed to be at the formal dinner at the white
11:16 pm
house. we will keep the james bond jokes to a minimum. [laughter]we have a number of experts. before we hear from them, i would like to ask governor sandoval for any opening remarks. >> thank you, mr. chairman. i appreciate the opportunity. state networks and critical cyber infrastructure are attacked on a daily basis. protecting these networks are one of the most resting issues we face today. in addition to storing vast amounts of personal data, we rely on these networks to conduct state-level activities, including homeland defense and emergency response operations. a properly coordinated attack has the potential to disrupt multiple state agencies or even multiple levels of government, or venting essential services from reaching our citizens. this past october tom a the national association -- this past october, the national association released a report
11:17 pm
that found the majority of states are not adequately prepared or properly equipped to respond to a sophisticated cyber attack. according to the report, while states have made progress in their protection capabilities, shortages of qualified personnel and resources have lesft states unable to address the advanced the nature of the attacks they face. without proper resources and personnel, states have also had difficulty putting procedures in place to respond to the successful breach in their network. in addition to compromising personal information and state- based infrastructure, mitigating and preparing -- and repairing these breaches can place strain on state budgets. our success in the fading -- in defending our states and nations is depending on our ability to develop a commonsense sense approach to cybersecurity.
11:18 pm
we must work together across all levels of government to identify best practices that safeguard our information systems and illuminate our vulnerabilities. just as important -- we also need to begin to prepare now to quickly and effectively respond to and recover permit breach in order to reduce potential disruption to our daily lives. i look forward to hearing from our panelists in discussing how we can better respond to and recover from a cyber incident. it is my hope that our discussion today will also provide governments with the information they need to engage with our congressional leaders as they continue to develop comprehensive cybersecurity legislation. i welcome our speakers and look forward to hearing from you u.ry as >> we are pleased to have our first two speakers. the first is matur. richard
11:19 pm
clarke. he served on the last three administrations as a senior white house adviser, including a special advisor to the president for cybersecurity and national coordinator for security and counterterrorism. he also worked for several years in the us department of state for political military affairs and as the deputy assistant secretary of state for intelligence. in addition to this current role, he is an adjunct professor at the harvard kennedy school and author of several works related to homeland security and national defense, including his latest work, "cyber war: the next threat to cybersecurity." dan lohrmann, a norma native of maryland. he began his career as a
11:20 pm
computer systems analyst with the national security agency and served in a variety of positions in the public and private sector for over 25 years. in 1997 he served as chief information officer for the michigan department of management and budget. prior to his current role, he worked for several years as michigan's chief information security officer. in october 2011, he was appointed the state's hearst chief security officer by governor rick snyder. let's begin with richard clarke. >> thank you, governors, for the opportunity. an awful lot of price has -- a press has been devoted to cybersecurity. it includes the president saying in the state of the union that foreign entities that an act their way into our power system controls our water system controls, and that they were stealing our wate dust real sec.
11:21 pm
.ur nationa-- our industrial ses there is a pandemic of foreign espionage going after our companies, our research institutions, throughout the country. part of the problem with cybersecurity is it is three different issues. people tend to lump it all together. when you do that, you cannot solve it. i suggest you start by disaggregating it and realizing it is three different things. one is crime. cyber crime. it is the same as any other form of crime. it is about stealing money. they steal money by hacking into systems and writing themselves checks were stealing credit card numbers. the second is espionage. this is not james bond in a tuxedo. this is someone in china hacking their way into a company and
11:22 pm
stealing any information that company has that is of value or into a research lab. this is a pandemic, a quiet pandemic. billions of dollars -- the intelligence estimate says $300 billion -- it is going to cost the united states and lost r&d. that means lost jobs. you cannot be an american company and compete against a chinese company if all of the money you pay for r&d they get for nothing. they get all of your r&d for nothing. whether it is taxpayer money or stockholder money that paid for that r&d, they wait till its done and they hack in and still it and use it to compete. the third issue is something called cyber war. that thankfully has not happened very much, but it has been demonstrated that it could happen. what does that mean?
11:23 pm
it means instead of blowing something up with a bomb or missile, you blow it up with a cyber command. it is not science fiction. it has been demonstrated. the united states did it to iran, blowing up 800 nuclear centrifuges with a cyber command, instead of flying a b2 bomber overhead and dropping a bomb. we also demonstrated you can do it to electrical generators, pipelines, trains, and you can do it from the safety of your office in shanghai or teheran or pyongyang. the bad news is that this knowledge is now filtering down below the state actor level to the nonstate actor level. we sell 30,000 computers in the saudi oil company case completely wiped clean, all data:, nonrecoverable, and one
11:24 pm
quick attack by on state actor. three different issues. crime, espionage, war. what is the role of the state? there are five rolls the state has inherently that apply here. one, you are a corporation. you think of yourself as a company. you have got networks, data, you write he pulled posture, you hold social security numbers, credit card numbers, just like any corporation. you have got to secure that data. secondly, you are a regulator. you can regulate the power grid, pipelines, the trains. you can cause them to hide higher levels of cybersecurity than they have now. third, you are an emergency responder, and you need to know what you would do if the emergency was not a hurricane or a tornado or something you recognize.
11:25 pm
what if the emergency was a cyber attack? would you know what to do? have you exercised a cyber attack? you have probably a their size a snowstorm, but have you exercise what you would do -- you have probably exercised a snowstorm, but have you exercised what you would do in a cyber attack? law enforcement on the state level can help companies that have been hacked that sometime do not get all the attention they need from the federal level. fifth, you are an educational organization. you run colleges, and the big gap here is in trained personnel. when i was in the white house, we created cyber corps, scholarship for service. if you pledge to work for the government for suc every securi, we will pay for your education.
11:26 pm
we need that in the state level. i have got a longer list of things you can do. i have passed out 12 suggestions. it is on the website. but the biggest thing is you need to begin with a strategy. figure out what you think you want to do, what you think the role of government at the state level should be. come up with where you want to go. then do a gap analysis of what is the difference the tween wear philosophically -- between where you think philosophically the state ought to be and where it is. then do a maturation path of getting to where you think in your strategy you want to be from where you are now. a few states have started that and have done good work in this area. i think sharing best practices
11:27 pm
is a great idea. but do not rush out and start programs. begin with a strategy that reflects your philosophy about what you think the state ought to do about these three distinct problems of cyber crime, espionage, and war. >> thank you. >> enqueue, governor o'malley and governor sandoval -- thank you, governor o'malley and governor sandoval. it is an honor to be asked to speak on this important topic. let me begin by emphasizing that the state of michigan government faces a barrage of unauthorized attackempts to accs systems each day of the week. in 2012, we removed over 31 million pieces of malware and
11:28 pm
incoming e-mails, stopped over 140 2 million website attacks and block over 24 million network scams. the threat is real. we see it daily in michigan as does every other state in the nation. what can be done and what are we doing out in michigan? i would like to offer seven actions the governors should take. four in the area of cyber defense and three in cyber response. urgent actions regarding cyber defense. governors must make cyber security a top rate already. in michigan, governor snyder personally led this charge by establishing accountability, authority, visibility, and governoance. we have now merged physical and cyber security into one program. the chief security officer is charged with providing enterprisewide risk management
11:29 pm
and security associated with michigan government assets, property, systems, and networks. this organization also leads the development and invitation of the copperheads of strategy for all michigan technology resources and infrastructure. number 2 -- each state needs a strategic plan for cybersecurity as we just heard. industry best practices for cybersecurity and guidance to be provided from the new nga resource center for cybersecurity, each state must -- governor snyder brought together the best and brightest across the nation as he launched our michigan cyber initiative at the national kickoff for cybersecurity awareness month. this plan lays out a strategy for establishing michigan as a security state with projects individuals -- which protects individuals, states, and guards our data.
11:30 pm
it protects our critical infrastructure in the state cyber ecosystem. our plan can be seen at urity.ecrgov\ cybersecurity our employees are greatest asset at our weakest link against cyber attacks. whether they click on phishing scams, fall for engineering tricks, or inadvertently provide unauthorized access to sensitive data. in the past, michigan develop trading that became outdated, and was a failure. we have learned from other states, and now we offer new online statewide training. brief, interactive lessons are develope delivered to employees. feedback thus far has been overwhelmingly positive.
11:31 pm
employees praised the new approach and even share information with family members at home. let us not forget technical training for staff. in 2012, we launched the michigan cyber range. the state-of-the-art training facility provides a secure environment for cyber spots training, scenario testing, and technical training for cybersecurity staff in the public and private sector. number four, monitor and defend your networks. global attacks can come from anywhere anytime. we need calle qualified staff to respond to threats and ensure confidentiality, integrity, and the availability of our data systems. issue guinness in the process of enhancing this capability with next-generation -- michigan is in the process of enhancing this capability. what if there is a major cyber
11:32 pm
incident in your state? are you ?repared?\ emendation recommendations five through seven address this. states must develop a cyber disruption plan containing a checklist of required actions. state governments have become good at responding to natural disasters such as tornadoes, fires, floods, and hurricanes. the same level of discipline must be applied to cyber incidents. in partnership with private sector custome up a niece, we ae developing disruption plan to map out -- right at sector companies, we are to eleva devea disruption plan. -- cyber disruption
11:33 pm
plans must be testing. in partnership with other governments, michigan has benefited by participating in all four cyber security global exercises. we are planning further public tabletop exercises during 2013. lastly, perhaps most importantly, we must establish trust in partnerships. cyber defense and response cannot be done on an island or it will fail. we must work together to face this threat, share information am i and coordinate our response. establishing and maintaining trusted relationships is an essential key to cyber defense. michigan has strong partnerships with the national association of chief information officers, other states, the
11:34 pm
department of homeland security, the fbi, michigan state police, and numerous private sector partners. billing it strengthened these partnerships must be key for each state moving forward. cyberspace has revolutionized government. the internet has accelerated opportunities for good and evil at the same time. each state must act now to further protect their digital investments. our public trust in government is at stake. i look forward to answering your questions. >> we break there for cu questions? let me ask governor sandoval if he would do the honors of introducing our third presenter. >> it is a pleasure for me to make this introduction, a fellow nevada ann.
11:35 pm
i am pleased we have mr. david hannegan, chief information security officer of his prior to this, he worked at a leading covert research information where he implemented the strategy to protect and secure customer data. t the fact he helped tilt 11 of the largest and most efficient -- he helped to build one of the largest and most efficient data locks. welcome. >> thank you. especially for heading up this committee to push an agenda topic which is important for all parties represented here. i am honored to be here to speak about something i'm passionate about and have been lucky to be
11:36 pm
working inside of. we were asked to come here and talk to you about what to do after a breach. we were told that at previous conferences, he spent time when threats -- time on threats. i will give you a framework to go back and ask some good questions from those who are responsible for security within organizations. i want to set a framework. all of us are aware there have been a lot of breaches the past couple of months, days even. we do not have to spend a lot of time on that. i will spare the names. we know there are more that do not know they are being taxed today and they have not decided
11:37 pm
-- they are being hacked today and they have not decided to publicize that information. i'm going to state these things. i have gone through all of the press releases and found two common themes and i want to use that to frame what i will talk about. if you read the news clips, you would hear a statement similar to this -- we were victims of a sophisticated attack. we are aware of the attack and are launching a full audit of our security practices to prevent this in the future. take a moment and think about those two thanks. now i am going to tell you some facts about data breaches and that you can take. it is always good to have the right questions to ask. data tells us that most breaches are the result of sophisticated attacks. -- of unsophisticated attacks.
11:38 pm
96% were not difficult. 97% of breaches were avoidable through "simple or intermediate controls." there were known vulnerabilities that people did not find other preventative controls for. it is important as you think about your security plans. as i discuss it here, my point is to be about action. what are the key things you should do after a breach? i will surprise you here. it is not rocket science and it is no secret test practice that is out there. it is almost common sense, but it hardeis ardor then it seems. you need to follow your incident response plan and take actions to analyze and learn. if you do not have those plans, that is a different story.
11:39 pm
the immediate time of the breach is no time to think about what needs to happen. you have to be able to react and take care of what needs to be taken care of at those moments because time is precious and you have got to understand and contain those events. it is not a matter of if but when when you are going to be attacked. could be attacked today and not even know it. what is interesting is that companies, governments, and organizations seem to have so much time after an event to spend looking at security programs. why are they not doing it before something happens and constantly testing them? the two most important things to focus on during an incident or breach or communication and execution. you got to keep people informed
11:40 pm
and enabled the teams to execute what they're supposed to do in order to contain the breach. in order to do that, it makes sense to focus on a few key threings. do you know your environment? ask how many events and incidents have been reported this month. if the answer is not many, dig deeper. either you do not have the technology in place to detect the attacks or the people you have do not know what a tn attak looks like. just look at the newspapers. the data is there. you are being targeted. define roles. who is in charge of security and do they know it?
11:41 pm
i know that sounds easy, but as you dig deeper, is it really just your cso or is it also your system administrators? owners. the dater ownera it is dangerous when everybody else thinks it is someone else's responsibility. it is important to make sure someone is accountable. do you have the right depot? -- do you have the right people? ssetle are the greatest accen we are lacking. you will not do anything without the right talent. you can have all the technology, all the greatest processes, but if you do not have people who know what to do in the event of incidents, who do not know what incidents even look like, if you have already lost. how often do you test your
11:42 pm
security measures? if the answer is you have not -- and i am not talking about desktop exercises, i am talking about getting something unannounced, and seeing what you can take from a third party because you want to see how your team is reacting. you want to understand how things are working so you can make an adjustment before it is too late eerie what do you ha. what do you have that others want? without understanding that, how do you know what to protect or even what to look for? only you can answer that question here it whether it . whatever you deem is important to you, do you know where it is and who has access to it? you will be surprised actually who has access. you have to be able to detect suspicious activity. 94% of companies are told by others they have a breach.
11:43 pm
somebody else let them know. detection is not enough. it is about prevention. you have to be able to detect and stop it in its tracks. the average time that a hacker is involved is 416 days before they are detected. you have to ask yourself how effective are your programs. do not be fooled by false security. sometimes i go out there -- we talk about security risk management. i want to make one point. just because you know about a risk and you accepted it does not mean it goes away. has a security person, i keep it simple. i am not going to come to you with something complicated. i am going to say this is the issue. if we do nothing, the issue stays the same. who in their right mind would
11:44 pm
sign off on a risk like that if it was explained that simply. it is still there for someone else to take advantage of and do harm to you and your organization. the last point i want to talk about is how do we share data. we have heard from all of the panelists about sharing data, but i want to challenge that more. how do we do more than just share but operate together more effectively question mark sharing is hard. each government organization is building the same thing -- we're duplicating so many things, taking resources from each other. how do we work together to manage it better? the challenge for other security people to figure it out. what about shared resources? what is so private about attacks? yes, private data, but what is so private about the actual networks that you cannot find trusted partners to share the resources? we do have a shortage in trained resources.
11:45 pm
we have got great schools and universities and we have got to get people excited about security because we can't solve these problems. these eight points are all components of the two most important aspects of managing the breach -- communication and execution. without these components, you would not know who to communicate with and you would not know how to assess the impact of the events. spend your time now and validate the information you receive from your team. it seems odd we have plenty of time and resources to fix issues once a breach happens. why do we not had that same opportunity before so we can prepare? i hope those westerns give you a good framework and i look forward to the conversations -- i hope those questions give you a good framework and i look forward to the conversations we mr. clarke, . >>
11:46 pm
in your handout, which was excellent, the 12 steps -- and gentlemen, i hope you have written down yours and will submit them to us at the end so we can share them with members -- but number three, you say request and receive regular security briefings on cyber security personnel, including state employees and contractors responsible for information and assets from across various state agencies, request regular briefings from the department of homeland security. so much of our ability to set priorities and get people focused on the things we can and must do and the follow-up depends on our ability to ask the right questions. what are the things you would advise those of us who served as governors to be asking for as a template in these briefings? so that they are not a show and tell, so it is an actionable
11:47 pm
?23 question mar3 >> if you have a strategy and flowing from that strategy is a could get briefed every quarter for a half an hour or so on how that congress is being made. there are all sorts of things you could decide are your priorities in this area -- education, law enforcement. then get briefed every quarter from an advisory board, may an inside government advisory board and outside government advisory board. sometimes your employees are not as willing to be frank with you as some of us on the outside are. so you want to have both insiders and outsiders involved. get briefed on progress on implementing the plan and get
11:48 pm
briefed on what has happened lately. what had the attacks been like lately? i agree with david. if they tell you we have got it under control, fire them. >> good point. questions? neil? governor abercrombie from hawaii. >> thank you. i came into a situation in my state in which the capacity for even our department or divisions within departments were incapable of talking to one another. pardon my 20th century approach, but i actually believe in talking. this had enormous consequences, just on a fiscal basis alone.
11:49 pm
if you take foster children, for example. if you deal with education or the judiciary or the health department, what we found was 5, 6, 7 files, all separate from one another, incapable of cross- referencing. i wanted to change that. we found we had stopped counting after 736 different systems, methods, techniques, infrastructure -- i had three people i cannot fire because they are the only people who know where to go on ebay to get the parts for the computers they are using which contains all of
11:50 pm
the information in certain areas. someone had been using the wayne computer for 36 years. he was very smug about it. maybe not everybody is in as bad a situation, so we had no chief information officer. we got a chief information officer to try and put all of this together. i give you that preamble because i am thinking to myself every thing that i thought i was landing may come to naught. if i understood you correctly,, , you talk about centralizing. wouldn't that make me more vulnerable instead of less honorable? maybe people would give up and leave us alone. abi should stay with what it is and just have singles or morris code. -- or morse code.
11:51 pm
isn't there a danger in getting to sophisticated? my goal is to try and yanked us into the 20th century in terms of our capacity to communicate him up but am i setting myself up for failure? >> i can start. i think if you bring together your research -- >> weight. the chief information officer came in and said let me explain to you what is happening today in terms of attacks. the dumbfounded me. we are being attacked right now. >> by bringing together it into a centralized security
11:52 pm
organization, you have a reduced number of pipes so you can watch those pipes. the department of homeland security has a process that is happening in the federal government. there is a large number of tools. the question is are you going to have 20, 30, 50, whatever number of security groups to work and they are all not communicating with each other. there is a shortage of qualified staff. but bringing them together, i think we have shown in michigan, i believe you can be more effective. i think it has been shown in the industry and other states as well to be more efficient. >> i am assuming -- again, it is my lack of sophistication -- by centralizing everything, i
11:53 pm
thought i was making everything more efficient tom up but am i making it easier for people to get into our systems or not question ma? >> you are making it potential he easier but you are also making it potentially easier for you to defend it. you have limited resources, limited people. rather than having 12 state departments or agencies all trying to do this, have one organization at the state level that is the chief information security officer for the state. have one operations center for this kind of thing. and maybe have one loud operation. operation.e cloud >> can you explain the cloud? that is counterintuitive to some of us. >> rather than trying to secure a bunch of different physical
11:54 pm
locations, you put it in the cloud, and the cloud can exist in multiple locations if you do it properly. you do not put everything in one data center. you have two data centers in two different states. then everyone who is involved in security is looking at that one target. it is easier to defend them to try to defend hundreds. being one of the older people in the room and having used the w ang system, i would say keep that working because no one knows how to attack it. [laughter]>> governor fallon? >> we appreciate you coming today to speak to us.
11:55 pm
when i came into office two years ago, i tried to prepare my budget, and i found out all of our state agencies, we had 76 different computer software programs, and i was trying to figure out what the agencies did hear it we had a chie. we had a chief information officer but no authority. we gave him authority to be all over all the different agencies. he started combining information like governor abercrombie has been talking about. we have a saying in oklahoma that we are running our technology on an eight track knowledge he and an ipod world. we were running off old technology. we do have a chief information officer that oversees all of the different state agencies now. we have a backup separate system. i asked where's the backup. is it just one? do we have more?
11:56 pm
you mentioned something about .esearource kits what are you referring to? >> at\cyber security you can look at those. it is looking at schools and universities and how we can work across public and private forties and coordinating mu critical infrastructure and protection. either it is the family or the home or the school, small -- what, to have kidts are a checklist they can use, helpful. -- helpful tools they can use.
11:57 pm
>> we were able to save $86 million in it costs to the state of oklahoma. >> what do you believe is the most significant cybersecurity threat facing states? >> i would distinguish between the most significant threat and the most likely. the most significant threat would be an attack by either a state government like china or iran or a nonstate actor like hezbollah that took down the power grid. cause pipelines to blow up or caused trains to derail. the emergency response that you do for those sorts of things is similar to hurricanes, but there
11:58 pm
are distinct differences. knowing what you would do and exercising it is important. knowing what authorities you have in those situations and who the right people are and who to call and what they will do. that is the most significant threat. the most likely threat is happening every day. people are hacking into your networks and writing themselves checks, then stealing you blinded you do not know it. -- stealing your blind and you do not know it. >> biggest threat? most likely? >> inc. about all of your infrastructure and how all of it is run -- think about all of your infrastructure and how all of it is run. everything that is out there is susceptible to attacks. the only way you're not going to be susceptible is to have it
11:59 pm
disconnected, and even that is not 100%. anything that can stop all of your critical operations would be highly differen detrimental y government. i like the way richard framed it. the likelihood they are taking at anything -- the likelihood is they are taking anything you have that is valuable, whether it is enough information to do identity theft, anything that is critical in secret. if it is connected and you are not protecting it, you do not even know how someone would use that against you, it is happening right now. >> at the same time that all of us are trying to do more of our services online and facilitate consumer transactions online.
12:00 am
hrman, who are the people you call on the federal government? are the resources we can call on as governments governors to help us do a better job of protecting our networks and information? >> absolutely. we work with the department of homeland security very closely. we also work with the multistate isac. this is daily we are talking to them, ongoing operations. >> describe for us what the isac's are. in the case of state governments, there is a multistate isac that works with the 50 state governments. there are sector specific plans for each individual.
12:01 am
for the water sector, for transportation, you can go to dhs board, the national infrastructure plan, and that lays out the sectors pacific plans for each individual critical infrastructure -- sector's specific plans for each individual's article infrastructure. we work with the fbi, criminal justice organizations, department of justice as well. >> has anyone offered a regimen of training exercises and drills that are useful and valuable, or is that something we are still working to create? i know after the attacks of 9/11 there are a lot of people rolling out drills and exercises. some of them were so expensive, none of us running cities could afford to do them without a huge amount of federal help.
12:02 am
when we were one of the lucky winners that would be supported, we came late and said, that was a lot of time. i'm not sure how much more we learn from that than from a tabletop. i would think in this sphere that there should be a way to do this in both the cost effective way and also in a way that where you truly do learn something without it costing you a small fortune as a state. >> i agree. the cyber storm exercises did exactly that, across state lines. they also work with other countries, allies around the world.
12:03 am
in addition, i know the national exercise 2012 -- they are out there. there are exercises. i would agree with you that states should really take advantage of those opportunities to test their systems. >> richard? >> you can also apply for fema grants. while there is still fema money left -- [laughter] you might want to think about applying for that. it is expensive to do the big field exercises, but it costs almost nothing to do a tabletop exercise. while they are not as valuable, they can be very valuable for you and learning who does what and what capabilities. >> what about our national guard? that would be a great reservoir of expertise. have you found that is helpful in michigan? >> absolutely. we work very closely with our michigan national guard, working tabletop lance with him, scenarios -- tabletop events with them, scenarios. >> would you say that most all of our national guard's have some cyber capacity?
12:04 am
>> it varies around the country, but i certainly believe that is being built up and i think it is a way of the future. it is an opportunity for all of the states to look at beefing up their capability in that area. >> that would be a way to institutionalize it. with the national guard, it is always there for you to call upon. >> governor sandoval? >> thank you. the question was asked, what is the most likely vulnerability. >> don't share it on television. [laughter] >> i do all the time. when you ask what is most likely vulnerability, it is almost like, where do i begin? all of your databases can be breached. anything in your databases, any information. social security numbers, credit card numbers, any records that you have. the ability to hack and and write checks, make yourself an account payable and get paid, the fbi has discovered a number of cases like that where small corporations have discovered they were writing checks to people who were actually in the ukraine.
12:05 am
the check does not go immediately to the ukraine. it goes to a local bank account and then hops several times. the most likely is cyber crime, identity theft, and monetary theft. that is happening all the time. the president said in the state of the union address something we have known for a while that has been secret, that foreign entities are now in the control grids, have hacked their way in, water systems and other critical utilities. you have the power to regulate at the state level. sometimes better than the federal government does when it comes to utilities. you could establish cyber regulations for electric power,
12:06 am
for example, that would make an even playing field for all of the companies so there would not be a case of one company having to spend more money to achieve security. everybody would have to do it within your state. i think if you have the power and the federal government doesn't -- power -- and the federal government doesn't -- to regulate your utilities, you want to do it. -- ought to do it. >> employees clicking on links. phishing attempts, spearfishing an e-mail that looks so friendly from a bank or a government focus, and they click on that and then it creates identity theft -- people send in their credentials. that is going on in every one of are states right now.
12:07 am
>> which then dials of the importance of the training. >> there is been a shift over the last 10 years and most of the attacks are now coming through individuals in these phishing incidents, rather than the old method, which was to have it directly at the mainframe. >> you have to think of it in terms of whatever folder ability is easiest. that happens to be people. -- vulnerability is easiest. that happens to be people.
12:08 am
where are you getting security awareness training? where are you learning about these types of things? if you study attacks, because of the way technology is, they are mass using systems. they are getting independent people's systems contaminated. we have to do something about educating folks on security so they do not participate in that. well it is not difficult, it is getting harder at the corporate level. we are getting better. >> just as we insist people show up for work, we need to start insisting that people get this training on a regular basis. anybody that uses a computer in our state government -- we require police officers periodically have to make sure they qualify at the range. what is it, 86% of them are now coming at individuals who click on these innocuous e-mails.
12:09 am
that is where 86% of the attacks are coming through. i would think that all of us need to adopt policies that insist that our employees get the training regularly so they do not do that. >> there is technology that will train them for that. >> we had training in the past. quite frankly, michigan failed earlier miserably in this area because our employees but it was a waste of time . >> gentlemen, thank you. >> i want to add one thing. there is a dirty little secret about security, and it is the non-sexy part.
12:10 am
the reason that there is vulnerabilities is because people are not doing their jobs. if the vulnerabilities are there and we know about it, why aren't they getting fixed? it is not hard. it is time-consuming. it takes effort. he goes back to execution. you have got to be doing things. >> are you talking about individual users? >> system so they take advantage of. -- that they take it vantage off. if you're a system administrator, there are patches. >> we need to wrap up. >> it occurred to me, virtually everything you have been saying to this point was somebody outside coming in. one of the things i discovered very recently, i'm sorry to say, is people who are already inside state employees -- you mentioned
12:11 am
for the abilities of privacy and social security -- vulnerabilities of privacy and social security. people looking people up. you say, let's go see richard gere's tax returns or something like that. let's see richard clarke's tax returns. let's find out how he's really doing. we are going to get him. [laughter] how do you deal with that, then, in terms of security? you are talking about centralization and figuring out how to defend yourself from outside. how do you defend yourself from people who by definition almost have to know what it is you are doing in order to protect yourself on the outside? you protect yourself from them how do you protect yourself from them? >> you can also have
12:12 am
provisioning with identity management. who has access to what? it is also a national initiative that is important and plays into cybersecurity. what do have access to, what is your role, what can you say? i'm getting our hands around identity is important.
12:13 am
the only reason i brought it up , when this was being done, it was not for criminal purposes. it was being done because people, too much time on their hands, they got serious. it was like a prank. the problem, when i got told about it, what if somebody else who is looking for a way in to people's tax returns, doesn't that open -- if you are doing that kind of thing, doesn't what you are doing open up the possibility of other people realizing you are doing that and being able to get technical access and do the same thing? >> whether -- we focus on the external. the same controls externally have to be focused internally, too. the same questions like him who should have access to this, whether they are in your domain or not. >> thank you, martin. >> thank you governor. we have had some light moments, but this is a very serious
12:14 am
issue. we have only scratched the surface here. i am looking forward to developing with you the best practices in figuring out those states that are -- that have come up with the best policies. unlike some other areas where we can be and should be totally open and transparent about the things, this is one area where that does not serve us well, at least initially. we will be having that briefing tomorrow. governors only, 4:00 p.m., and tomorrow we will announce for the secret location is. [laughter] we have before you five policies, as our final bit of business, the health and homeland security committee will consider five policies. one is temporary assistance to needy families, the second is homeland security and emergency management, the third is armed forces, the fourth is about public safety communications, the fifth do with health. two of our policies were amended two of our policies were amended


info Stream Only

Uploaded by TV Archive on